Canonical
Linux Cryptography and Security Engineer
This role at Canonical focuses on building and maintaining the security foundation for Ubuntu, with alignment to international information security standards such as FIPS 140-3 and Common Criteria. You will apply cryptography, Linux security, and software development skills to enhance the Ubuntu distribution and collaborate with organizations such as DISA and CIS to draft and implement security hardening benchmarks for Ubuntu.
Responsibilities
Develop automation tooling to audit deployed systems for DISA-STIG and CIS benchmark compliance.
Collaborate with internal and external stakeholders to identify gaps in frameworks and develop solutions to address security challenges.
Influence team and security culture, facilitate technical delivery, and help drive team direction and execution.
Collaborate with Canonical\'s kernel team and the wider engineering organization to drive features impacting all Ubuntu users.
Collaborate with other engineers in the Security Hardening team to achieve and retain various security certifications.
Extend and enhance Linux cryptographic components (OpenSSL, Libgcrypt, GnuTLS, and others) with features required for FIPS and CC certification.
Test and validate kernel and crypto module components with external security consultants.
Develop security hardening benchmarks and audit/remediation automation for Ubuntu.
Contribute to Ubuntu mainline and upstream projects to land solutions and benefit the community.
What we are looking for
Hands-on experience with low-level Linux cryptography APIs and debugging.
Excellent software engineering fundamentals, including prior experience with C development.
Hands-on experience with Linux system administration and shell scripting.
Demonstrated knowledge of security and cryptography fundamentals with experience writing secure code.
Significant development experience with open source libraries.
Excellent verbal and written communications for collaboration in a remote-first environment.
Additional Skills
Experience with FIPS/Common Criteria certified products and related standards.
Experience with DISA-STIG or CIS benchmarks and related audit/remediation tooling (e.g., Compliance as Code).
Experience working directly with the Linux Kernel.
Experience with Python, OVAL, and Ansible.
Contributions to open source projects.
What we offer We consider geographical location, experience, and performance in shaping compensation worldwide. In addition to base pay, we offer a performance-driven annual bonus and benefits. We balance programs to meet local needs and ensure fairness globally.
Distributed work environment with twice-yearly in-person team sprints.
Personal learning and development budget of USD 2,000 per year.
Annual compensation review.
Recognition rewards.
Annual holiday leave.
Maternity and paternity leave.
Employee Assistance Programme.
Opportunity to travel to meet colleagues from your team and others.
Travel upgrades for long-haul company events.
About Canonical Canonical is a pioneering tech firm at the forefront of open source and the publisher of Ubuntu. We recruit on a global basis and maintain a remote-first culture. We have been remote-first since 2004 and seek excellence in all we do.
Canonical is an equal opportunity employer. We are proud to foster a workplace free from discrimination. Whatever your identity, we will give your application fair consideration.
#J-18808-Ljbffr
Responsibilities
Develop automation tooling to audit deployed systems for DISA-STIG and CIS benchmark compliance.
Collaborate with internal and external stakeholders to identify gaps in frameworks and develop solutions to address security challenges.
Influence team and security culture, facilitate technical delivery, and help drive team direction and execution.
Collaborate with Canonical\'s kernel team and the wider engineering organization to drive features impacting all Ubuntu users.
Collaborate with other engineers in the Security Hardening team to achieve and retain various security certifications.
Extend and enhance Linux cryptographic components (OpenSSL, Libgcrypt, GnuTLS, and others) with features required for FIPS and CC certification.
Test and validate kernel and crypto module components with external security consultants.
Develop security hardening benchmarks and audit/remediation automation for Ubuntu.
Contribute to Ubuntu mainline and upstream projects to land solutions and benefit the community.
What we are looking for
Hands-on experience with low-level Linux cryptography APIs and debugging.
Excellent software engineering fundamentals, including prior experience with C development.
Hands-on experience with Linux system administration and shell scripting.
Demonstrated knowledge of security and cryptography fundamentals with experience writing secure code.
Significant development experience with open source libraries.
Excellent verbal and written communications for collaboration in a remote-first environment.
Additional Skills
Experience with FIPS/Common Criteria certified products and related standards.
Experience with DISA-STIG or CIS benchmarks and related audit/remediation tooling (e.g., Compliance as Code).
Experience working directly with the Linux Kernel.
Experience with Python, OVAL, and Ansible.
Contributions to open source projects.
What we offer We consider geographical location, experience, and performance in shaping compensation worldwide. In addition to base pay, we offer a performance-driven annual bonus and benefits. We balance programs to meet local needs and ensure fairness globally.
Distributed work environment with twice-yearly in-person team sprints.
Personal learning and development budget of USD 2,000 per year.
Annual compensation review.
Recognition rewards.
Annual holiday leave.
Maternity and paternity leave.
Employee Assistance Programme.
Opportunity to travel to meet colleagues from your team and others.
Travel upgrades for long-haul company events.
About Canonical Canonical is a pioneering tech firm at the forefront of open source and the publisher of Ubuntu. We recruit on a global basis and maintain a remote-first culture. We have been remote-first since 2004 and seek excellence in all we do.
Canonical is an equal opportunity employer. We are proud to foster a workplace free from discrimination. Whatever your identity, we will give your application fair consideration.
#J-18808-Ljbffr